---
# tasks file for jean-cloud-common

- name: Set hostname
  ansible.builtin.hostname:
      name: "{{inventory_hostname}}"
  when: inventory_hostname is defined

- name: Set hostname IP
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: "{{item}}"
  with_items:
    - "172.0.0.1 {{inventory_hostname}}"
    - "::1 {{inventory_hostname}}"

- name: Set shlago IP
  ansible.builtin.lineinfile:
    path: /etc/hosts
    line: "{{item}}"
  with_items:
    - "172.0.0.1 shlago.jean-cloud.org"
    - "::1 shlago.jean-cloud.org"
  when: inventory_hostname in groups["shlago"]


- name: Show last changed password for security
  copy:
      dest: /etc/profile.d/user_last_passwd.sh
      owner: root
      group: root
      mode: '0644'
      content: |
          #!/bin/bash
          RED='\033[0;31m'
          NC='\033[0m' # No Color
          echo -e "Password last changed on $RED$(passwd -S $USER | cut -d ' ' -f 3)$NC"


- name: Install some softwares
  apt:
      name: ['bind9', 'certbot', 'curl', 'dnsutils', 'git', 'gnupg2', 'htop', 'hugo', 'netcat-openbsd', 'nginx', 'podman', 'rclone', 'rsync', 'screen', 'sshfs', 'sudo', 'traceroute', 'vim', 'wget', 'zip']
      state: latest

# TODO disable certbot and certbot.timer services. We are using our own

- name: create needed dirs
  ansible.builtin.file:
    path: "{{item}}"
    state: directory
  with_items:
    - /docker
    - /srv/http
    - /data
    - /etc/letsencrypt

- name: Install docker-compose bash autocompletion
  get_url:
    url: https://raw.githubusercontent.com/docker/compose/1.29.2/contrib/completion/bash/docker-compose
    dest: /etc/bash_completion.d/docker-compose
    mode: '0705'
    owner: 'root'

- name: Add letsencrypt crontab
  ansible.builtin.lineinfile:
    path: /etc/crontab
    line: '26 03  * * * root letsencrypt.sh'
      
- name: Docker config
  ansible.builtin.copy:
    dest: /etc/docker/daemon.json
    content: |
      {
         "log-driver": "json-file",
         "log-opts": {
             "max-size": "10m",    
             "max-file": "3"    
             }
         }
#TODO add this to /etc/docker/daemon.json
#{
#        "iptables": false
#}
         
- name: Bash history
  ansible.builtin.copy:
    dest: /etc/profile.d/history.sh
    mode : 755
    content: |
      HISTSIZE=
      HISTFILESIZE=10000
      HISTTIMEFORMAT="%Y%m%d-%T "
      export HISTSIZE HISTFILESIZE HISTTIMEFORMAT


- name : Disable docker service
  service:
      name: "{{ item }}"
      state: stopped
      enabled: false
  with_items:
    - docker
    - docker.socket